Dnsco · Dnsco Bind · CVE-2013-4854
**Name of the Vulnerable Software and Affected Versions**
ISC BIND versions 9.7.x through 9.8.4, versions 9.8.5 through 9.8.5-P1, versions 9.9.x through 9.9.3-P1, and version 9.9.4 before 9.9.4b1
DNSco BIND versions 9.9.3-S1 through 9.9.3-S1-P0, and version 9.9.4-S1 before 9.9.4-S1b1
**Description**
The issue allows remote attackers to cause a denial of service via a query with a malformed RDATA section. This is due to improper handling during the construction of a log message. The problem has been exploited in the wild.
**Recommendations**
For ISC BIND versions 9.7.x through 9.8.4, update to version 9.8.5-P2 or later.
For ISC BIND versions 9.8.5 through 9.8.5-P1, update to version 9.8.5-P2 or later.
For ISC BIND versions 9.9.x through 9.9.3-P1, update to version 9.9.3-P2 or later.
For ISC BIND version 9.9.4 before 9.9.4b1, update to version 9.9.4b1 or later.
For DNSco BIND versions 9.9.3-S1 through 9.9.3-S1-P0, update to version 9.9.3-S1-P1 or later.
For DNSco BIND version 9.9.4-S1 before 9.9.4-S1b1, update to version 9.9.4-S1b1 or later.